[Cryptography] Key escrow scheme
Jack N.
j.a.w.n at tutanota.com
Sun Apr 9 13:51:51 EDT 2017
9. Apr 2017 15:06 by phill at hallambaker.com:
>
>
> On Sat, Apr 8, 2017 at 2:01 PM, Harlan Lieberman-Berg <> hlieberman at setec.io> > wrote:
>
>> Phillip Hallam-Baker <>> phill at hallambaker.com>> > writes:
>> > Making such a scheme usable is somewhat tricky because we would want to
>> > make the shares used to secure the key to be as small as possible for
>> > convenience which indicates 128 bit work factor for the master key.
>>
>> Why not simply use Shamir's Secret Sharing? The security properties are
>> much stronger (SSS is information-theoretic secure such that a (k,n)
>> construction reveals no information with k-1 shares known. The size is
>> fairly minimal too; IIRC, each share is no larger than the key itself
>> (thus, the total construction is n*bit size).
>>
>
> I am using Shamir Secret Sharing. But that only gets you from a set of key shares to a master secret. You still have to get from the master secret to the encryption key.
> If you use 256 bits for the master key you end up with 256 bit shares.
Couldn't the SSShares reconstruct the master secret which is the encryption key?
the master secret needn't be another step removed from the shares.
If you use a 256bit for the master key you dont end have to have 256bit shares, or did you mean 256shares?
But i believe the normal approach to solving the problem, i think you are trying to solve is to use asymmetric encryption where the secret shares reconstruct the asymmetric private key info. Tho i fear you may have the same problem again if you have a fundamental misunderstanding on shamir sharing and prime secret size.
could the bottom post of this thread help perhaps?
https://crypto.stackexchange.com/questions/39970/shamirs-secret-sharing-scheme-prime-security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170409/c1c88aeb/attachment.html>
More information about the cryptography
mailing list